package auth

import (
	"admin/middleware"
	auth "admin/modules/auth/controller"
	"admin/service"
	"github.com/gin-gonic/gin"
	"net/http"
)

func RegisterAuthRoutes(r *gin.Engine, container *service.Container) {
	// 禁用自动重定向来修复末尾斜杠问题
	r.RedirectTrailingSlash = false

	// 应用操作日志中间件到所有路由
	r.Use(middleware.OperationLog())

	authGroup := r.Group("/auth")
	{
		// token
		authGroup.POST("/token", func(c *gin.Context) {
			if err := container.HandleTokenRequest(c.Writer, c.Request); err != nil {
				c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
			}
		})
		authGroup.POST("/login", Login)
		authGroup.POST("/logout", Logout)
		authGroup.POST("/register", Register)

		authGroup.GET("/me", middleware.OAuth2TokenVerify(container.OAuthServer), Me)
	}

	// 角色路由
	roles := auth.NewRolesController(container.DB)
	rolesGroup := r.Group("/roles")
	{
		rolesGroup.GET("", middleware.RBAC(container.DB, "roles:list"), roles.List)
		rolesGroup.POST("", middleware.RBAC(container.DB, "roles:create"), roles.Create)
		rolesGroup.PUT("/:id", middleware.RBAC(container.DB, "roles:update"), roles.Update)
		rolesGroup.DELETE("/:id", middleware.RBAC(container.DB, "roles:delete"), roles.Delete)

		// 角色菜单管理路由
		rolesGroup.GET("/:id/menus", middleware.RBAC(container.DB, "roles:get-menus"), roles.GetMenusByRoleId)
		rolesGroup.POST("/:id/menus", middleware.RBAC(container.DB, "roles:add-menu"), roles.AddMenuToRole)
		rolesGroup.DELETE("/:id/menus/:menu_id", middleware.RBAC(container.DB, "roles:remove-menu"), roles.RemoveMenuFromRole)

		// 角色权限管理路由
		rolesGroup.GET("/:id/permission", middleware.RBAC(container.DB, "roles:get-permission"), roles.GetPermissionsByRoleId)
		rolesGroup.POST("/:id/permission", middleware.RBAC(container.DB, "roles:addPermissionToRole"), roles.AddPermissionToRole)
		rolesGroup.DELETE("/:id/permission/:role_id", middleware.RBAC(container.DB, "roles:removePermissionFromRole"), roles.RemovePermissionFromRole)

	}

	// 管理员用户路由
	adminCtl := auth.NewAdminUserController(container.DB)
	adminUserGroup := r.Group("/admin-users")
	{
		adminUserGroup.GET("", middleware.RBAC(container.DB, "admin-users:list"), adminCtl.List)
		adminUserGroup.POST("", middleware.RBAC(container.DB, "admin-users:create"), adminCtl.Create)
		adminUserGroup.PUT("/:id", middleware.RBAC(container.DB, "admin-users:update"), adminCtl.Update)
		adminUserGroup.DELETE("/:id", middleware.RBAC(container.DB, "admin-users:delete"), adminCtl.Delete)
		// 用户角色管理路由
		adminUserGroup.POST("/:id/roles", middleware.RBAC(container.DB, "admin-users:add-role"), adminCtl.AddRoleToUser)
		adminUserGroup.DELETE("/:id/roles/:role_id", middleware.RBAC(container.DB, "admin-users:remove-role"), adminCtl.RemoveRoleFromUser)
		adminUserGroup.GET("/:id/roles", middleware.RBAC(container.DB, "admin-users:get-roles"), adminCtl.GetRolesByUser)
	}

	// 菜单路由
	menus := auth.NewMenuController(container.DB)
	menusGroup := r.Group("/menus")
	{
		menusGroup.GET("", middleware.RBAC(container.DB, "menus:list"), menus.List)
		menusGroup.GET("/tree", middleware.RBAC(container.DB, "menus:list"), menus.GetMenuTree)
		menusGroup.POST("", middleware.RBAC(container.DB, "menus:create"), menus.Create)
		menusGroup.GET("/:id", middleware.RBAC(container.DB, "menus:get"), menus.GetMenuByID)
		menusGroup.PUT("/:id", middleware.RBAC(container.DB, "menus:update"), menus.Update)
		menusGroup.DELETE("/:id", middleware.RBAC(container.DB, "menus:delete"), menus.Delete)
	}

	// 权限路由
	f := auth.NewPermissionController(container.DB)
	permGroup := r.Group("/permissions")
	{
		permGroup.GET("", middleware.RBAC(container.DB, "permissions:list"), f.List)
		permGroup.POST("", middleware.RBAC(container.DB, "permissions:create"), f.Create)
		permGroup.GET("/:id", middleware.RBAC(container.DB, "permissions:get"), f.GetPermissionByID)
		permGroup.PUT("/:id", middleware.RBAC(container.DB, "permissions:update"), f.Update)
		permGroup.DELETE("/:id", middleware.RBAC(container.DB, "permissions:delete"), f.Delete)

	}

	// 操作日志路由
	operationLogs := auth.NewOperationLogController(container.DB)
	logsGroup := r.Group("/operation-logs")
	{
		logsGroup.GET("", middleware.RBAC(container.DB, "operation-logs:list"), operationLogs.List)
		//logsGroup.GET("/:id", middleware.RBAC(container.DB, "operation-logs:get"), operationLogs.GetByID)
	}
}

func Login(c *gin.Context) {
	c.JSON(http.StatusOK, gin.H{
		"message": "login successful",
	})
}

func Logout(c *gin.Context) {
	c.JSON(http.StatusOK, gin.H{
		"message": "logout successful",
	})
}

func Register(c *gin.Context) {
	// 这里需要获取容器来创建 facade 实例
	c.JSON(http.StatusNotImplemented, gin.H{"error": "not implemented"})
}

func Me(c *gin.Context) {
	if info, ok := c.Get("AccessToken"); ok {
		c.JSON(http.StatusOK, gin.H{"token": info})
		return
	}
	c.JSON(http.StatusUnauthorized, gin.H{"error": "invalid token"})
}
